Security Advisory

CVE-2024-5920

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-14 09:40:14

Last updated 2025-04-30 18:39:21

Assigner palo_alto

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrators browser.

← Browse all CVEs View on cve.org ↗